Abstract: A computing fabric includes one or more host computing platforms and a plurality of partitions instantiated across the one or more host computing platforms, each of the plurality of partitions allocated computing resources of the one or more host computing platforms. The computing fabric further includes a hypervisor installed on the one or more host computing platforms and managing interactions among the plurality of partitions. The plurality of partitions includes a persistent partition to which one or more storage devices are allocated, the persistent partition executing software loaded from a trusted storage location and executing from a non-volatile memory.

Abstract: Systems and methods for executing multiple operating systems on a computing system without rebooting the computing system are disclosed. Embodiments may include installing a first OS and a second OS on a computing system. Embodiments may further include executing the first OS on hardware resources of the computing system. Some embodiments may also include suspending execution of the first OS, and executing the second OS on the hardware resources while execution of the first OS is suspended.

Abstract: Methods and systems for securing memory within a computing fabric are disclosed. One method includes allocating memory of one or more host computing systems in the computing fabric to a partition, the partition included among a plurality of partitions, the computing fabric including a hypervisor installed on the one or more host computing platforms and managing interactions among the plurality of partitions. The method includes defining an address range associated with the memory allocated to the partition, receiving a memory operation including an address within the address range, and, based on the memory operation including an address within the address range, issuing, by the hypervisor, an indication that the memory operation is occurring at an encrypted memory location. The method also includes performing the memory operation, and performing an encryption operation on data associated with the memory operation.

Abstract: Methods and systems for securing memory within a computing fabric are disclosed. One method includes allocating memory of one or more host computing systems in the computing fabric to a partition, the partition included among a plurality of partitions, the computing fabric including a hypervisor installed on the one or more host computing platforms and managing interactions among the plurality of partitions. The method includes defining an address range associated with the memory allocated to the partition, receiving a memory operation including an address within the address range, and, based on the memory operation including an address within the address range, issuing, by the hypervisor, an indication that the memory operation is occurring at an encrypted memory location. The method also includes performing the memory operation, and performing an encryption operation on data associated with the memory operation.

Abstract: A computing fabric includes one or more host computing platforms and a plurality of partitions instantiated across the one or more host computing platforms, each of the plurality of partitions allocated computing resources of the one or more host computing platforms. The computing fabric further includes a hypervisor installed on the one or more host computing platforms and managing interactions among the plurality of partitions. The plurality of partitions includes a persistent partition to which one or more storage devices are allocated, the persistent partition executing software loaded from a trusted storage location and executing from a non-volatile memory.

Abstract: A reduced service partition system and method for a host computing device having a host processor and system resources including memory divided into most privileged system memory and less privileged user memory. The system includes a virtualization boot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources.

Abstract: A secure application system and method for a host computing device. The system includes an ultraboot application divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The virtual service partition is an isolated secure partition having a secure application executing therein. The isolated secure partition includes a security manifest portion for controlling the execution of the secure application within the isolated secure partition, and a secure application operating system (OS) portion that supports only the execution of the secure application within the isolated secure partition. The secure application is executed within the isolated secure partition without the need for any standard operating system (OS).

Abstract: Systems and methods for executing multiple operating systems on a computing system without rebooting the computing system are disclosed. Embodiments may include installing a first OS and a second OS on a computing system. Embodiments may further include executing the first OS on hardware resources of the computing system. Some embodiments may also include suspending execution of the first OS, and executing the second OS on the hardware resources while execution of the first OS is suspended.

Abstract: A reduced service partition system and method for a host computing device having a host processor and system resources including memory divided into most privileged system memory and less privileged user memory. The system includes a virtualization boot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources.

Abstract: A secure platform system and method for a host computing device. The system includes an ultraboot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources. The virtual service partition is a secure virtualization platform (s-Platform) having at least one isolated secure partition for executing at least one secure application therein. The system also includes at least one monitor that operates in the most privileged system memory.

Abstract: A secure application system and method for a host computing device. The system includes an ultraboot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources. The virtual service partition is an isolated secure partition having a secure application executing therein. The isolated secure partition includes a security manifest portion for controlling the execution of the secure application within the isolated secure partition.

Abstract: A computing system using a persistent, unique identifier may be used to authenticate the system that ensures software and configurations of systems are properly licensed while permitting hardware components to be replaced. The persistent, unique system identifier may be coupled to serial numbers or similar hardware identifiers of components within the computing system while permitting some of the hardware components to be deleted and changed. When components that are coupled to the persistent, unique identifier are removed or disabled, a predefined time period is provided to update the coupling of the persistent, unique identifier to alternate hardware component in the system.

Abstract: A computing system using a persistent, unique identifier may be used to authenticate the system that ensures software and configurations of systems are properly licensed while permitting hardware components to be replaced. The persistent, unique system identifier may be coupled to serial numbers or similar hardware identifiers of components within the computing system while permitting some of the hardware components to be deleted and changed. When components that are coupled to the persistent, unique identifier are removed or disabled, a predefined time period is provided to update the coupling of the persistent, unique identifier to alternate hardware component in the system.

Abstract: A computing system using a persistent, unique identifier may be used to authenticate the system that ensures software and configurations of systems are properly licensed while permitting hardware components to be replaced. The persistent, unique system identifier may be coupled to serial numbers or similar hardware identifiers of components within the computing system while permitting some of the hardware components to be deleted and changed. When components that are coupled to the persistent, unique identifier are removed or disabled, a predefined time period is provided to update the coupling of the persistent, unique identifier to alternate hardware component in the system.

Abstract: A computing system using a persistent, unique identifier may be used to authenticate the system that ensures software and configurations of systems are properly licensed while permitting hardware components to be replaced. The persistent, unique system identifier may be coupled to serial numbers or similar hardware identifiers of components within the computing system while permitting some of the hardware components to be deleted and changed. When components that are coupled to the persistent, unique identifier are removed or disabled, a predefined time period is provided to update the coupling of the persistent, unique identifier to alternate hardware component in the system.